sam_oneal/dial-reference
1
0
Fork 0
mirror of https://github.com/Netflix/dial-reference.git synced 2026-06-08 10:59:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Reject HTTP requests with an invalid (e.g. negative) Content-Length header value.

Browse Source 
Make sure to allocate enough memory in buffers for the operations they are used for, and to check/enforce buffer sizes when performing those memory operations.
Properly allocate and free memory.
Make a best effort at allocating memory for the network hardware address (remove code for Apple platforms).
Try to consume all of the remaining content if a valid Content-Length header was provided.
Check for success when attempting to acquire mutexes.
This commit is contained in:
Wesley Miaw
2019-10-07 14:38:16 -07:00
parent 8c13345a4d
commit 93756a84ea
10 changed files with 555 additions and 300 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
server/dial_data.c
View File

@@ -44,46 +44,79 @@ void set_dial_data_dir(const char *data_dir) {
static char* getAppPath(char *app_name) {
size_t name_size = strlen(app_name) + sizeof(dial_data_dir) + 1;
char* filename = (char*) malloc(name_size);
if (filename == NULL) {
return NULL;
}
filename[0] = 0;
strncat(filename, dial_data_dir, name_size);
strncat(filename, app_name, name_size - sizeof(dial_data_dir));
return filename;
}
void store_dial_data(char app_name[], DIALData *data) {
void store_dial_data(char *app_name, DIALData *data) {
char* filename = getAppPath(app_name);
if (filename == NULL) {
printf("Cannot open DIAL data output file, out-of-memory.");
exit(1);
}
FILE *f = fopen(filename, "w");
free(filename); filename = NULL;
if (f == NULL) {
printf("Cannot open DIAL data output file: %s\n", filename);
exit(1);
}
free(filename);
for (DIALData *first = data; first != NULL; first = first->next) {
fprintf(f, "%s %s\n", first->key, first->value);
// truncate because we have limits on length when retrieving.
fprintf(f, "%.*s %.*s\n", DIAL_KEY_OR_VALUE_MAX_LEN, first->key, DIAL_KEY_OR_VALUE_MAX_LEN, first->value);
}
fclose(f);
}
DIALData *retrieve_dial_data(char *app_name) {
char* filename = getAppPath(app_name);
if (filename == NULL) {
return NULL; // no dial data found, that's fine
}
FILE *f = fopen(filename, "r");
free(filename);
free(filename); filename = NULL;
if (f == NULL) {
return NULL; // no dial data found, that's fine
}
DIALData *result = NULL;
char key[256];
char value[256];
while (fscanf(f, "%255s %255s\n", key, value) != EOF) {
char key[DIAL_KEY_OR_VALUE_MAX_LEN + 1] = {0,};
char value[DIAL_KEY_OR_VALUE_MAX_LEN + 1] = {0,};
int err = 0;
while (fscanf(f, "%" DIAL_KEY_OR_VALUE_MAX_LEN_STR "s %" DIAL_KEY_OR_VALUE_MAX_LEN_STR "s\n", key, value) != EOF) {
DIALData *newNode = (DIALData *) malloc(sizeof(DIALData));
newNode->key = (char *) calloc(1, strlen(key));
if (newNode == NULL) {
err = 1;
break;
}
newNode->key = (char *) calloc(strlen(key) + 1, sizeof(char));
if (newNode->key == NULL) {
err = 1;
free(newNode); newNode = NULL;
break;
}
strncpy(newNode->key, key, strlen(key));
newNode->value = (char *) calloc(1, strlen(value));
newNode->value = (char *) calloc(strlen(value) + 1, sizeof(char));
if (newNode->value == NULL) {
err = 1;
free(newNode->key); newNode->key = NULL;
free(newNode); newNode = NULL;
break;
}
strncpy(newNode->value, value, strlen(value));
newNode->next = result;
result = newNode;
}
fclose(f);
if (err) {
free_dial_data(&result);
result = NULL;
}
return result;
}
@@ -92,10 +125,10 @@ void free_dial_data(DIALData **dialData)
DIALData *curNode=NULL;
while (*dialData != NULL) {
curNode = *dialData;
*dialData =curNode->next;
*dialData = curNode->next;
free(curNode->key);
free(curNode->value);
free(curNode);
free(curNode->key); curNode->key = NULL;
free(curNode->value); curNode->value = NULL;
free(curNode); curNode = NULL;
}
}